Skip to content

Latest commit

 

History

History
74 lines (54 loc) · 2.33 KB

README.md

File metadata and controls

74 lines (54 loc) · 2.33 KB

java-spring-s3-reference

Demonstrate uploading a file to an S3 storage bucket using the AWS SDK for Java.

Prerequisites

Setup

  1. Create an S3 bucket:

    aws s3api create-bucket --bucket <bucket-name> --region <region>
  2. Create an IAM Identity Center user:

     aws iam create-user --user-name <user-name> --profile <profile-name>
  3. Attach the AmazonS3FullAccess policy to the user:

    aws iam attach-user-policy --policy-arn arn:aws:iam::aws:policy/AmazonS3FullAccess --user-name <user-name> --profile <profile-name>

Create a Permission Set in IAM Identity Center using the AWS Management Console

  1. Sign in to the AWS Management Console.
  2. Open the IAM Identity Center.
    • In the IAM Identity Center dashboard, select "Permission sets" from the left navigation pane.
    • Choose "Create a permission set."
  3. Create a Custom Permission Set.
    • Choose "Create a custom permission set."
    • Give your permission set a name and description.
    • Click "Next: Permissions."
  4. Attach S3 Policies.
    • Click "Create inline policy."
    • Use a JSON policy to grant S3 access (src/main/resources/s3-bucket-access-policy.json).
    • Click "Create Policy" and then "Next: Tags" (optional), then "Next: Review."
    • Review the permission set and click "Create."
  5. Assign the Permission Set to a User.
    • Go back to the IAM Identity Center dashboard.
    • Navigate to "AWS accounts."
    • Select the account you want to assign the permission set to.
    • Click "Assign users."
    • Choose the user you want to assign the permission set to.
    • Select the permission set you created (S3AccessPermissionSet).
    • Click "Assign."

Use the AWS CLI with IAM Identity Center User

  1. Ensure you have configured your AWS CLI to use SSO:

    aws configure sso
  2. Authenticate using AWS SSO:

    aws sso login --profile <profile-name>
  3. Verify access:

    Try uploading a file to your S3 bucket:

    aws s3 cp <file> s3://<bucket-name> --profile <profile-name>